NOORUL ISLAM COLLEGE OF ENGINEERING Kumaracoil Department of Computer Applications Sub. Name : XML and Webservices Sub. Code : MC1801 Class : S5 MCA Semester : Five Prepared by : Mr. A. Ferdinand Christopher Authorised by : Mr.M.K.Jeya kumar HOD XML and WebServices Question bank 2-mark Q & A Unit I 1. What are the three major aspects to extend the enterprise from a constrained network to broad reach of web? 1. Business-to-Consumer (B2C) Connection. 2. Business-to-Employee (B2E) Connection. 3. Business-to-Business (B2B) Connection. 2. What are the three key design elements that by omission contribute XML’s success? 1. No display is assumed. 2. There is no built-in data typing. 3. No transport is assumed.XML specification makes no aassumption about how XML is transported across the Internet. 3. XML History XML is a meta language defined by world wide web consortium (W3C) and standardized in 1998.XML has given rise to numerous vertical industry vocabularies in support of B2B e-commerce, horizontal vocabularies that provide service to a wide range of industries and XML protocols that have used XML’s simple power of combination to open up new possibilities for doing distributed computing. 4. What are the different revolution in which XML is playing a major role? a)Data revolution b)Architectural revolution c)Software revolution 5. What are the advantages of xml? a.xml files are human readable. b.Widespread industry support exists for xml due to its inexpensiveness and convenience in usage. c.It provides a way of creating domain specific vocabulary. d.It allows data interchange between different computers. e.It provides user selected view of data. 6.What is Electronic Data Interchange(EDI)? EDI is often used as the replacement for business communication through conventional business documents such as purchase orders,request for quotations,invoice and shipping notices.This kind of exchange takesplace between trading partners.Inorder to interchange data using EDI to trading partners must be agreed upon a common format. 7.What is W3c (World Wide Web)Consortium? W3c is responsible for the development of web specifications that describe communication protocols and technologies for the web .XML was defined by w3c to ensure that structured data is uniform and independent of vendors of applications.W3c has laid down certain rules that meet to be followed by the all xml applications.Some of these rules are: a.XML must be directly usable over the internet. b.XMl must support the wide variety of applications. c.XML must be SGML. d.XML documents must be human legible and clear. e.XML design must be formal and concise. 8.What is XML? XML stands for “Extensible markup language” a language developed by the World wide web consortium (W3C).It is considered a meta language because it is used To define other languages through the use of markup language ,which add structure and Meaning to document. 9.List out the reasons for not using attributes to store data. 1.Attributes cannot contain multiple values,while elements can have multiple subelements. 2.Attributes are not easily expandable to account for future changes. 3.Attributes are more difficult than elements to manipulate with programs. 4.Attributes values are not easy to check against a document type definition. 10.What is SOAP? SOAP-Simple Object Access Protocol Soap gives set of rules for moving data directly to the receipient or through and intermediate message queue.Soap uses common web protocols like HTTP,FTP and SMTP to enable communication across the web. 11. What is webservices? Webservices is both a process and a set of protocols,webservices offer different services through the web by providing access to softwares.Webservices have three major aspects they are • Service provider • Service requester • A broker 12.What are all the xml language basics? • Elements • Attributes • Entities 13.What is entities?Give Example. Entities are used to create substitution strings within a xml document Example: Xml and data evaluation can be defined with short string using entity declaration in DTD <!ENTITY xdr “xml and data revolution”>. 14.Explain briefly about .NET and J2EE? Managing the interaction across the extended enterprise include messaging,security,transactions,andidentity.The current software world, these capabilities are provided by (1).NET a window frame work (2)J2EE a java centric frame work. 15.Explain briefly abour data revolution? Prior to xml,Data was closely associated with applications.XML strength is data independence.XML data description is not tied to any programming language,os,or transport protocol it doesnot require to depend any available to web connected platfoforms also XML provides alternative to electronic data interchange. 16.What is the role of xml? XML is the set of guidelines foe describing structured data in plaintext rather than binary representation within the short period,time.XML has been widely used as language for variety of application ranging from vertical industry vocabularies to horizontal industry application to protocol. 17. What are Xforms? Xforms is an XML approach that overcome the limitation forms.XForm is a GUI tool kit for create user interface and deliver result in XML.Xform can work with a variety of standard as proprietary user interface, providing a set of visual control that replace the primitive form control in HTML and XHTML.Xforms are variety of button, scrollbars and menus integrated into single execution model that generates XML form data output. 18. What is VoiceXML? VoiceXML is an emerging standard for speech enabled application. Its XML syntax defines elements to control a sequence of interaction dialogues between a user and an implementation platform. The element defined as a part of VoiceXML control dialogues and rules for presentation information to and extracting information from and end-user using speech. Voice XML documents are stored on web servers. 19. What is XPath? XPath is used to navigate XML tree structures. XPath gets its name from its use of path notation to navigate through the hierarchical tree structure of an XML doucument.XPath allows for the section of the node or group of node through the use of a compact, on XML syntax. It is an important XML technology due to its role in providing a common syntax and semantics for functionality in both XSLT and Xpointer. 20.What are the Element Naming Rules used in XML? * Names can contain letters, numbers and other characters. * Names must not begin with number or punctuation. * Names must not start with the string "xml" in any upper or lowercase form. * Names must not contain spaces Unit – II 1. What are the advantages of schema over DTD? 1. It provides more control over the type of data that can be assigned to elements and as compared to DTD. 2. DTD dose not enable you to define your own customized datatypes.But schema definition enables you to create your own datatypes. 3. It also allows to specify restrictions on data. 4. The syntax for defining DTD is different from the syntax used for creating an xml document .But the syntax for defining XSD is the same as the syntax of an xml document. 2. What are the datatypes in an xml schema? 1.Primitive 2.Derived 3.Atomic 4.List 5.Union 3. What is DOM? What are the different levels of DOM? DOM is a W3C supported standard programming interface(API)that provides a platform and neutral interface to allow developers to programatically access and modify content and structure of tree structured documents such as HTML or XML. The different levels of DOM are: (a) DOM Level 0 (b) DOM Level 1 (c) DOM Level 2 (d) DOM Level 3 4. What are the drawbacks of CSS? 1. The browser decides how to dispaly elements that the stylesheet does'nt describe. 2. As browser implements CSS,some implementations may not always be consistent. 5. Write any two differences between XSLT and CSS? CSS XSLT 1. Simple to use,and is suitable for simple document. 1. It is complex to use. 2. Cannot reorder,add,delete or perform operations on elements. 2. Can reorder,add,delete elements because it is aware of the structure of an XML document. 6. What are the different XSLT elements? 1. Stylesheet 2. Value-of 3. For-each 4. Sort 5. Text 7. What is VoiceXML? VoiceXML is an emerging standard for speech-enabled applications.Its XML syntax defines elements to control a sequence of interaction dialogs between a user and an implementation platform. VoiceXML uses XML text to drive voice dialogs. 8. What is XQuery? XQuery is a W3C initiative to define a standard set of constructs for querying and searching XML documents. XQuery brings database query processing to XML. 9. What is XForm? XForm is an XML approach that overcomes the limitations of HTML forms. XForm includes a variety of buttons, scrollbars and menus. It generates XML form data as output. XForm's model has the capability to work with the variety of user interfaces. 10. What is XPath? Xpath is used to navigate XML tree structures. XPath gets its name from its use of a path notation to navigate through the hierarchical tree structure of an XML document. It is an important XML technology due to its role in providing a common syntax and semantics for functionality in both XSLT and XPointer. 11.what are complex types? complex types are an important aspects of xml schema that allow application developers to define application-specific datatypes that can be checked by programs that check XML document for validity. XML schema divides complex types into two categories: those with simple content & those with complex content. 12.what all are the presentation technologies? CSS - cascading syle sheets XSL - provides users with ability to describe how xml data & document are to be formated. Xforms - it is a GUI toolkit for creating user interfaces & delivering the results in XML. Xhtml - it is used yo replace HTML with more flexable approach to display webcontent. VoiceXML - it is an emerging standard for speech enabled application. 13.what are all the Transformation techniques? XSLT - it is an XML- based languages used to transform XML documents into others format such as HTML for web display. XLINK - highlighting that element or taking the user directly to that point in the document. XPATH - xpath gets its name from its use of a payh notation to navigate through the hierarchical tree structure of an XML document XQUERY - it is w3c initiative to define a standard set of constructs for querying & searching XML document. 14.Explain any two XForm implementations? X-Smiles - it is a java based XML browser.it implements a large part of X-forms & uses X-form together with XSL-FO on user interface side. Mozquito Xforms preview - is an XML based Web developement s/w that implements Xforms & gives current Web browser the ability to send,receive & process XML document. 15. Importants of SAX? SAX is an event driven. SAX supports processing pipelines. SAX requires programmers to maintain state. 16. What is Info Set? A W3C initiative to provide a consistent set of definitions for use in other specifications that need to refer to the information in a well-formed XML document. Info Set is the basis for a variety of XML technologies. Info Set supports distinctions that are important when different XML specifications must interoperate. 17. What is RDF(Resource Description Framework)? A foundation for processing metadata. It provides interoperability between applications that exchange machine-understandable information on the web. RDF emphasizes facilities to enable automated processing of web resources. 18. What is metadata? Literally data about data. XML element and attribute names are considered metadata in that they may be used to describe the data contained in a document. Metadata isn’t needed but it certainly helps. 19. What are the components of RDF? RDF is built on the following three definitions: Resources: All things described by RDF expressions are called resources. Properties: Properties are specific aspects, characteristics, attributes or relations used to describe resources. Statements: A statement consists of a resource, a property and a value. 20.What are RDF vocabularies? RDF is designed to have the following characteristics: 1.Independence. 2.Interchangeability. 3.Scalability. 4.Properties functioning as resources. 5.Values functioning as resources. 6.Statements functioning as resources. 21. Explain about cascading style sheet? Cascading style sheet is one of the presentation technologies of xml. CSS is an xml supporting technology for adding style display properties such as fonts, color, spacing to a web documents. CSS origins may be traced to the SHML world which used a style technolog7y called DSSL to control the display of SHML document Each rule is made up of a selector typically an element name such as an html heading or paragraph or a user defined xml element to the selector. Style rules have the following syntax: Selector {property: value} Multiple style declaration for a single selector are separated by a semicolon The following code has show how a css element can b added to a html or a xml document to define the color size properties. <STYLE TYPE=”text/css”> TITLE {font-size: x-large; color: red} </STYLE> 22. What is DTD? How is it different from XML? DTD stands for Document Type Definition DTD is a description of the structure & the elements and attributes that define a class of XML document. DTD can be declared both internally in a XML document and as an external reference. DTD Xml Schema 1. Dtd is used to define the structure of an xml document. 1. Xml schema is used to define the structure of an xml document. 2. Data type for elements limited to text. 2. Numerous predefined data types available. 3. Complex data types cannot be defined. 3. Ability to define complex type that map to application data structure. 4.Dtd document is stored as “filename.dtd” 4.Xml schema document is stored as “filename.xml” 23. What is XML? How it is different from HTML? Xml is the text based make up language that stores the data in a structured format using meaningful tags. It allows computers to store and exchange data in a format that can be interpreted by any other computer with different hardware or software specification. XML HTML 1.xml stands for Extensible markup 1. HTML stands for Hyper Text Mark Up language Language. 2.Several languages are derived from xml 2. HTML can be derived from xml. & wml 3. Xml uses indefinite, user defined, 3. HTML uses a fixed set of tags which can meaningful set of tags which can be used to be used to specify the appearance of the include XML data in the webpage. webpage. 24. Explain the creation of external DTD with example? A DTD may be external to an xml source document Syntax is: <! DOCTYPE root-element SYSTEM “filename”> Defining attributes in DTD <! ATTLISt element-name attribute-name attribute-type default-value> e.g. :<!ATTLIST payment type (DATA “check”) Example “document.dtd” <! ELEMENT memodoc(title,bodytext)> <! ELEMENT title (#PCDATA)> <! ELEMENT body text (#PCDATA)> <! ATTLIST title name (DATA “DTD example”) Xml code <? Xml version=”1.0”?> <! DOCTYPE document SYSTEM “document.dtd”> <memodoc> <title> External dtd </title> <Bodytext> This is the body of external DTd </bodytext> </memodoc> 25. What is valid xml document? If an xml document conforms to the rule set out by a DTD the xml is said to be valid with the respect to that DTD. UNIT –III 1. What is HTTP and its use? HTTP is an important building block for using XML as a Web-based messaging protocol. In 1992 that the face of the Internet was changed through the use of a simple request-response protocol known as HTTP. HTTP works much like FTP except that the contents of a file are delivered to a browser instead of a file system. 2. Explain GET command File. ‘GET Filename’ this command interpreted as a request to a server listening on port 80. The response of the server is either the contents of the requested file or a string indicating an error. HTTP gains its power from its simplicity and its explicit avoidance of transport lock-in. HTTP sits on top of TCP/IP, which is responsible for reliably moving data between Internet nodes. 3. What is POST command for? The POST command is a request for a server to do something with data delivered as part of the POST message. POST was included in the GTTP specification in order to deliver HTML from data to a server for processing by some server program. 4. Explain XML-RPC. XML-RPC, which does remote procedure calls over the Internet, is a great example of out-of-the-box thinking. In confronting the communication problem of how a program on machine A can get some code on machine B to run, XML-RPC ignores the difficulty entirely and delegates the transport to HTTP, focusing instead on the details of what to say, not how to get the message there 5. What data types does SOAP use? XML-RPC uses XML Schema data types to specify the parameter types of the procedure call. Data types include scalars, numbers, strings, and dates, as well as complex record and list structures. 6.What is SOAP? SOAP is Simple Object Access Protocol that offer platform,language And transport independence for data exchange between partners and Suppliers.SOAP is an XML-based protocol for exchanging informatiom in a decentralized distributed environment.the fundamental change brought about by SOAP has been the ability to move data anywhere across the web.SOAP has opened opportunities for extending the enterprise 7.What is HTTP? HTTP is an important building block for using XML as a web based messaging Protocol.The face of the internet was changed through the use of a simple request-response protocol known as HTTP.Both HTTP and FTP moves data across the Internet.FTP delivers data directly to disk while HTTP delivers it to browser fig 4.3 8.Describe HTTP GET command? HTTP is an important building block for using XML as a web based messaging protocol.Client request files from servers using a simple text string of the form “GET filename” The HTTP GETcommand request a web page .The HTTP POST command delivers information and receives information back Fig 4.4 9.Data Typing in XML-RPC. XML-RPC elements simply define a vocabulary to communicate information About a piece of code to be executed on some remote server.XML-RPC uses XML schema data types to specify the parameter types of the procedure call.Data type include scalars, numbers, strings and dates as well as complex record and list structure 10.Describe SOAP fault. SOAP fault occurs when an application cannot understand a SOAP message or when err or occurs during the processing of a message.The information that can be returned as a part of a fault includes the following: • SOAP code: SOAP defines a set of fault codes for basic SOAP Errors,although a an application may provide its own codes. • Faultstring: This element provide a readable explanation as To why the fault occurred. • Detail: The value of the detail element is that it provides information about the problem that occurred while processing the body element. If not present,it indicates that the problem did not occur in the body of the SOAP. 11. What is XML Protocol Working Group? The XML Protocol Working Group is W3C group formed in response to the submission of the SOAP1.1 specifications as the basis for a universal XML-based protocol. The formation of the working group signals the W3C’s willingness to consider extending the Web from a network that delivers documents and links to human users, to a network that supports communication between applications. 12. What is the goal of XML Protocol Working Group? The goal of the XML Protocol Working Group is the creation of simple protocols that can be deployed across the Web and easily programmed through scripting languages, XML and Web tolls. 13. What is SOAP with attachments? The SOAP with attachments document defines a binding for a SOAP message to be carried within a for Multi-Purpose Internet Mail Extensions (MIME) multipart/related message in such a way that processing rules SOAP messages are preserved. 14. When do SOAP faults occur? SOAP faults occur when an application cannot understand a SOAP message or when an error occurs during the processing of a message. 15. What are Message Paths in SOAP? An important aspect of SOAP is the provision for message paths. Independent of the transport protocol Used to send SOAP messages, messages may be routed from server along a so-called message path. 16.Define SOAP? SOAP stands for simple object access protocol SOAP is an xml based protocol for exchanging information in the decentralized distributed environment. It is a combination of xml and http and made for data transfer to web environment. 17. Define HTTP? HTTP stand for Hyper Text Transfer protocol.HTTP is a simple request response protocol. A HTTP delivers a file to a browser. HTTP transfer data between client and server. 18. Difference between SOAP and IIOP,ORPC & JRME? SOAP IIOP,ORPC,JRME i. Text based protocol that uses xml ii. Able to move more easily across firewalls. iii. SOAP is standard driven Binary protocols The process is somewhat tedious These protocols are vendor Driven 19.What are the parts in the SOAP message? SOAP message consists of these parts • SOAP Envelope: Outer most element of a soap message. A envelope element is a root of a xml document. • SOAP Header:It is optional usually header provides information about directing SOAP servers to do processing before passing the SOAP message. • SOAP Body: the xml document to be transported is loaded in the body element. 20 What is xml RPC? A protocol for doing remote procedure calls over the Web where the information about what procedure to call and what parameters to pass are encoded as xml in the body of an HTTP POST request to a server. 21. Define SOAP? • SOAP is an xml based protocol for exchanging information in a decentralized environment . • It is a combination of xml and http and made for data transfer through web environment. • SOAP allows xml to move easily over the web. So defines an xml envelop for delivering the xml content and gives a set of rules for servers to do this job. • SOAP consists of three parts: 1. Encoding rules that control XML tags that define a SOAP message and a Framework that describe message content. 2. Rules foe exchanging application-defined data types, including when to accept or discard data or return an exception to the sender. 3. Conventions for representing remote procedure calls and responses. 22. Which are the environments that supporting SOAP? • Web services frameworks used SOAP as the transport technology. • The .Net from Microsoft support SOAP. • SUN is using SOAP, in its web services framework “SUN OPEN NET” environment (SUN1). • IBM provides SOAP protocol tools. • CORBA vendors such as Iona are supporting SOAP in the form of CORBA to SOAP bridges. 23. Define SMIL? * It uses xml. It can be used to define instructions for the creation of web based interactions multimedia presentation . It can be used to control animation in browsers instead of using technologies such as flash and java can be used to describe 1. Multimedia presentation 2. Adding hyperlink to media object 3. Layout of screen presentation * XML 2.0 is a w3c standard recommendation . * The advantages of SMIL are 1. Faster and easier development. 2. Supported in internet explorer 5.5, real player, windows media player and adopts SIG plug- in. 3. Not necessary to enable java script in the browser. 4. Faster animation than flash. 24. Give a brief discussion about SMIL elements? • SMIL provides elements to draw graphics and also to coordinate them over time. SMIL uses timeline to perform this. • Timeline can be used to schedule running of different complex multimedia objects . • The different timeline elements are 1. seq->For animations that run one after another. 2. par->For animation that are all run at the same time. 3. excl->For exclusive elements.(animation which pause all other time line when they run.) 25. Define SMIL modularization? *. SMIL is usually broke into modules. *. A module contains semantically related xml elements, attributes and attribute values. *. SMIL languages profile can be used to combine modules to provide the functionality required by a specific application. *. Modularization enables language designers to specify dedicated markup intended for integration with other existing XML languages,such as MathXML and XForms. *. The use of modules in SMIL is based on work done with XHTML modularization. *. A module is a collection of semantically-related XML elements,attributes, and attribute values that represents a unit of functionality. Unit-IV 1. What is Web Services? Web service is a technology, a process, and a phenomenon. As a technology it is a set of protocols that builds on the global connectivity made possible by SOAP and HTTP. As a process, it is an approach to s/w discovery and connection over web. As a phenomenon, it’s an industry wide realization. 2. What are the things available in Web Services? 1. Describing: Web services describe its functionality and attributes 2. Exposing: Web services register with a repository that contains a white pages holding basic service-provider information, a yellow pages listing services by category, and a green pages describing how to connect and use the services. 3. Being invoked: When a web service has been located, a remote application can invoke the services. 4. Returning a response: When a service has been invoked, results are returned to the requesting application. 3. What Qualifies as Web Services? A Web service is anything that can define itself via an internet. The things that can be expressed as web services: 1. Software Component or Application 2. A Movie review 3. A travel package 4. List out the advantage of Web services technology? 1. Decide on the service it wants to provide 2. Pick a registry for uploading it’s information 3. Decide how to list its service at the registry 4. Define explicitly how users can connect to its service 5. What are the major aspects of Web service technologies? o A service provider provides an interface for software that can carry out a specified set of tasks. o A service requester discovers and invokes a software service to provide business solution. o A repository or broker manages and publishes the service. Service providers publish their services with the broker, and requests access those services by creating bindings to the service provider. 6. List out the key technologies? UDDI is a protocol for describing Web services components that allows businesses to register with an Internet directory and advertise their services. WSDL is the proposed standard for describing a Web services. WSDL is built around an XML-based service Interface Definition Language that defines both the service interface and implementation details. SOAP is a protocol for communicating with a UDDI service. 7. What is UDDI? UDDI means Universal Description, Discovery and Integration. UDDI is a protocol for communicating with registries. The core of UDDI is the UDDI Business Registry, a global, pubic, online directory. 8. What are Web Services Registry Directories? White Pages: holding basic service-provider information Yellow Pages: listing services by category Green Pages: describing how to connect and use the services. 9. What is WSDL? WSDL is Web Service, Definition Language. WSDL is the piece of Web services framework that describes how to connect to web service providers. The WSDL specification supports the building of web based computing services that target computer programs rather than human users. • • • • 10. What are the risks in Web Services? Maturity: Different implementation may not work together. Security: SOAP messages on port 80 bypass firewalls. So network administrator has to implement necessary security to prevent attacks. Transaction: Transaction must be specified outside the web services framework such as .NET or J2EE. Configuration Management: Change management is not addressed. 11. What is ebXML? ebXML is Electronic Business XML. It adds process to e-business interaction. It represents a global initiative to define processes that can interact over the web. The effort of ebXML includes multiple specifications that define standard ways to exchanging business message, communicating data and defining and registering business processes. 12. What is Transaction? Transaction is a set of software operation that should satisfy the ACID properties of transactions. The ACID properties are Atomicity: either all of the operation should be performed or none of them should be performed Consistency: refers to data consistency Isolation: only one transaction can manipulate data at a particular time. Durability: the recoverability of the updated data even when a failure occurs after the commit operation is performed. 13. What is Identity? Web based network services need a way to authenticate and validate users. To do this system validates the user based on permissions stored in some database to determine what the user can and can’t do. 14. What is passport? Passport is Microsoft’s single-sign-on authentication service that allow users to access web size and services. Microsoft’s Passport maintains identity across a variety of applications. Passport has been integrated with Microsoft’s Hotmail email service and is the entry of .NET My services. 14. What is .NET? .NET is a Microsoft framework. Microsoft .NET is a strategy for delivering s/w as service across the web. The .NET initiative represents a development framework that integrates earlier Microsoft technologies with newer technologies built around XML. ♦ ♦ ♦ ♦ 15. What are components of .NET architecture? The .NET architecture includes several technology components: Development Tools: set of languages, including C# and VB.NET, a class library for building web service and web, Common Language Runtime (CLR) to execute object within this framework. Specialized servers: to provide functionality for related data storage, e-mail and B2B commerce Web services: support services such as passport and .NET My services Devices: .NET enabled non-PC devices, from cell phones to game boxes. 16. What are the components of .NET Platform? The main components of .NET Platform are, Operating System Series of .NET Enterprise Servers .NET architecture is VisualStudio.NET (VS.NET) 17. What are the key ingredients of the .NET Framework? The key ingredients of .NET Framework are, Common Language Runtime (CLR)] Common framework of classes that can be used by all .NET languages 18. What is J2EE? J2EE is the Java-centric enterprise platform specification. J2EE is used to built web sites and application around Enterprise Java Bean (EJB.). Recently it has been extended to include support for XML and Web Services. 19. What is SunONE? SunONE is Sun’s opened net environment. It is a framework for creating and deploying web services from Sun’s J2EE framework. It relies on XML, SOAP and Java to add Web Services extensions to bridge a gap between the loosely coupled and tighyly coupled object framework. 20. What is ECLIPSE? Eclipse is an open-source, Java-based software platform designed for buildings IDEs. Eclipse is an effort to reduce the complexity associated with building applications that rely on other applications and services. 21. What is BEA? BEA is an application service provider that targets e-business solutions. BEA WebLogic server, a java-based middle-tier server that integrates Web-based front ends with back-end data stores. 22. What are the components of BEA WebLogic E-Business Platform? BEA WebLogic Server BEA WebLogic Integration BEA WebLogic Personalization Server 23. List out the different type of Adapters? Input and output adapters for specifying XSLT style sheets to transform service requests to the XML format required by service Protocol adapter to connect with Web services using HTTP, JDBC, SMTP, and SOAP Execution adapters to execute service requests in a particular flow, relaying a request to contact a service provider, and relaying the response. 24. What is Oracle? The Oracle 9i web service framework provides an infrastructure that support development, management and deployment to portals, exchanges, and other internet and mobile applications. It uses XML as a common access method. 25. List out the Web Service Pack in J2EE? Java API for XML Processing (JAXP) Java Architecture for XML Binding (JAXB) Java API for XML Messaging (JAXM) Java API for XMP Remote Procedure Calls (JAX-RPC) Java API for XML Registries (JAXR) Unit-V 1. What is XKMS? XKMS is a W3C initiative that targets the delegation of trust processing decisions to one or more specialized trust processors to give businesses an easier way to manage digital signatures and data encryption .Instead of relaying on proprietary public-key infrastructure implementations, companies can use standard interfaces to work with different vendors to handle issues surrounding digital certification checking, revocation status checking, and validation. 2. Define XKMS structure? XKMS specifies protocols for distributing and registering public keys and is suitable for use in conjunction with the proposed standard for XML signature and as a companion standard for XML encryption. XKMS has two parts • XML key information service specification(X-KISS) • XML key registration service specification(X-KRSS). 3. Define X-KISS? This defines a protocol for a trust service that resolves public –key Information contained in documents that conform to the XML signature specification. A basic objective of the protocol design is to minimize the complexity of application implementations by allowing them to become clients and there by to shielded from the complexity and syntax of the underlying PKI used to establish trust relationships. 4. Define X-KRSS? This defines a protocol for a web service that accepts registration of public – key information. Once registered the public key may be used in conjunction with other web services including X-KISS. • • • • 5. Steps involved in XML encryption? Selecting the XML to be encrypted. Converting to canonical form if using entities or namespaces with prefixes. Encrypting the resulting canonical form using public –key encryption. Sending the encrypted XML to the intended recipient. 6. What are digital signatures? A digital signature guarantees document authenticity. In combination with Public-key encryption it is used to authenticate the identity of the sender by encrypting with a private key and to validate the content of the message by transmitting a copy of the digital hash of the message. Digital signatures can be used in a range of applications from online credit card purchases to the verification of complex legal documents. 7. What is single-key cryptography? Single-key cryptography is the basis for classic encryption. In the past, the encryption systems used a single secret key for encoding and decoding information. However, singlekey encryption systems face the problem of making the single key known to the message recipient. In electronic commerce, single-key systems are effective for secure communication between fixed devices such as ATM machines and servers. However, single-key cryptography does not work well on the web. 8. What is public key cryptography? Public-key cryptography enables secure communication between parties without the need to exchange a secret key. Public-key cryptography uses a complex mathematical formula to generate two separate but related keys, one open to public and the other private, known only to one individual. Encrypting with a public key ensures confidentiality. It is the basis for privacy, authentication, data integrity, and non repudiation. 9. What are the xml security technologies? The W3C is driving three XML security technologies: * XML Digital Signature * XML Encryption * XML key Management Services 10. Write the steps for XML Encryption? 1. Selecting the XML to be encrypted. 2. Converting to canonical form if using entities or namespaces. 3. Encrypting the resulting canonical form using public-key encryption. 4. Sending the encrypted XML to the intended recipient. 11. What is OFX? The OFX specification is an XML-based language that enables brokerage clients to download account information directly into their accounting or tax-preparation software. OFX also supports the exchange of financial information among financial service companies, their technology out sources and consumers using web an PC based software. The focus of OFX XML vocabulary is on data exchange, not on data storage. 12. What is HR-XML? HR-XML defines a common vocabulary for storing human resources data. It is a nonprofit consortium dedicated to enabling an XML-based e-commerce and human resources data interchange format. 13. What is OASIS? The Organization for Advancement of Structured Information Standards(OASIS) is a non profit international consortium that creates interoperable industry specifications based on public XML and SGML standards. OASIS is an organization that tracks and promotes XML standards. It maintains directories of industryspecific vocabularies. 14. Explain about SVG? SVG is an alternative to delivering GIF or JPEG images to browsers. SVG is a Recommendation that defines an XML grammar for creating vector-based 2D Graphics for the Web and other applications Because SVG is defined as an XML grammar, SVG graphics can easily be generated dynamically on the Web Server using standard XML tools and delivered with a style sheet to a browser for rendering. 15. What is SMIL? SMIL is a broad-based effort to use XML instructions for the creation of webbased interactive multimedia presentations. SMIL provides an XML alternative to technologies such as Flash or JavaScript that are widely used to control animation in browsers. 16. What is SMIL and its uses? => SMIL is the acronym of Synchronized Multimedia Integration Language. => It can be used to define instructions for the creation of web based interactive multimedia presentations. => SMIL can be used to describe, * Multimedia presentations. * Adding hyperlinks to video objects. * Layout of screen presentation. 17. What are the advantages of SMIL? * Faster and easier development. * Supported in IE5.5,real player, windows media player and ADOBE1.5 SVG plug-in. * Not necessary to enable JavaScript in the browser. * Faster animation than flash. 18. List out the SMIL elements? => SMIL provides elements to draw graphics and also to coordinate them over time. => SMIL uses time, line, and it can be used to schedule running of different complex Multimedia objects. => The different timeline elements are, * Seq :- For animations that run one after the another. * Par :- For animations that all run at the same time. * Excl :- For exclusive elements that animation which pause all other timeless when they run. 19. What are the three basic security requirements for e-business and explain? => The three basic security requirements are, * Confidentiality * Authentication * Data Integrity 1. Confidentiality - Ensuring the information is not made available or disclosed to unauthorized Individuals, entities or processes. Someone eavesdropping on a conversation or tapping into a Data stream should not be able to understand the communication. 2. Authentication - Closely associated with authentication is non repudiation. For a business transaction to be valid, neither party should later be able to deny participation. 3. Data Integrity - Ensuring that when information arrives at its destination it hasn't been tampered with or altered in transit from its original form, either accidentally or deliberately. 21. What is data integrity? Ensuring that information arriving the destination has not been tempter with or altered form is original form either accidentally or purposely. 22. Guidelines for Signing XML Documents? XML relies on substitution and transformation Content of external style sheet should be signed if its referred The information that was presented must be signed Transformations may alter content, so the transformed data should be signed The security of overall system depends on the security and integrity of procedures and personnel as well as well as procedural enforcement 23. What are the steps included during the creation of a core canonical form? • Encoding the document in the Universal Character Set UTF_8 • Normalizing line breaks before parsing • Replacing character and parsed entity References • Converting Empty Element to start-end tag pairs 24. What is the XML security framework? W3c is driving three xml security technologies: -XML Digital Signature -XML Encryption -XML Key Management Services 16 –marks UNIT I 1.Roles and Advantages of XML Roles: • Xml is a metalanguage defined by w3c. • Xml is a set of rules and guidelines for describing structured data. • Xml goes beyond its technical specification. • Xml has been the driving force behind other standards and vocabularies. • Xml is a specification for defining new markup language. • Xml give rise to vertical industry vocabularies in support of B2B e-commerce. • Horizontal vocabularies provide service to wide range of industries. • Xml influence has been felt in three waves,from industry specific vocabularies to horizontal industry applications to protocol. • Xml has enabled industry vocabularies and protocol. Advantages: • Xml files are human-readable.It was designed as text. • Widespread industry support exists for Xml.Tools and utilities are provided with web browser,database,operating system. • Major relational databases have the capability to read and generate Xml data. • Xml support the interpretation and transformation of Xml data for webpage display and report. • Xml must be compatible with XGML. • Xml design must be formal and concise. 2.Explain briefly XML:The Three Revolutions The three revolutions are, Data Revolution Architecture Revolution Software Revolution Data Revolution: *Understood how data was formatted and how process it *Provide alternatives to specialize EDI * XML enables the creation of program independent data formats *Explain about XML: Origin and Cultures -XML’s origin arein SGML -XML has emerged from a document culture -XML opens up options for treating code as data Architectural Revolution: The XML technologies provide way to move from tightly coupled system based on existing established infra structures such as CORBA,RMI and DCOM to loosely coupled system which can work on the standard TCP/IP protocol. Software Revolution: XML helps to build software in this revolutionary way.The new idea is to create building blocks that can be used in combination with other building block that are existing or yet to be created. 1. 2. 3. 3.Explain WebServices. Webservices is both a process and set of protocols for finding and connecting to Software exposed as services over the Web. Webservices builds on a SOAP foundation & facilitates software interaction. Webservices Architecture: Webservices=repository+client+provider. A service provider -- interface for software that can carry out a specified set of tasks. A service requester--discovers and invokes a software service to give business solution. A service provider—manages & publishes the service. Key Technologies. • UDDI-Universal Description, Discovery and integration. A protocol for describing web services components. UDDI allows businesses to register with an Internet directory so they can advertise their services and companies can find each other and carry out transactions over the web. • WSDL – Web services Description language. An XML description of both the service interface & the implementation details of how to connect to and use a particular Webservice. • SOAP-Simple Object access protocol. -An XML based protocol for exchanging information in a decentralized & distributed environment. -SOAP is a protocol for communicating with a UDDI service. Web Services Risks: 1.Maturity 2. Security 3.Transactions 4.Configuration Management. ebXML: ebxml adds process to e-business interaction. UN/CEFACT & OASIS are key players behind ebXML. ebXML Technologies: The Technical architecture consists of 1.Messaging 2.Business processes 3.trading Partner profiles and agreements 4.Registries & repositories 5.Core components. 4.Explain XML & DTD. A DTD is used to define the structure of an XML document.A DTD may be used by both sender and receiver of XML.Senders used to create Xml.Receiver used to compare the received document against the dtd. A dtd can be declared in two ways. i. Internal DTD ii. External DTD Internal DTD: The DTD can be declared within the Xml document.The syntax for using internal dtd is <!DOCTYPE name of dtd[describe the elements]>. Example for internal dtd. External DTD: The dtd can be declared as an external interface.It may be an external to an Xml source document.The syntax for using external dtd is <!DOCTYPE root-element SYSTEM “filename”>. Example for external dtd. Defining attributes in dtd: The syntax for specifying attributes in dtd is, <!ATTLIST element-name attribute-name attribute-type default-value> Example for defining attributes. Possible attributes type: Explain the possible values with their explanation.Some of the values are CDATA,ID,IDREF,IDREFS,ENTITY………. Default attribute values: Specifying the default attribute value means if the user does not assign any value to the attribute then a default value will be assigned.Explain the possible default values with their explanation.The default values are value,#DEFAULT,#REQUIRED,#IMPLIED,#FIXED. 5.XML Language Basic XML stands for "Extensible Markup language " a language developed by world wide web consortium(W3C). It is defined as meta language because it is used to define other languages through use of markup tags, which add structure and meaning to documents. XML Fundamentals Elements Elements are the primary means for describing data in XML Elements used in three ways: Simple Content Element as container for other Elements Empty Element as container for Attributes Element Naming Rule Names can contain letters, and characters. Names must not begin with a number or punctuation. Names must not start with the string "xml" in any upper or lower case form. Names must not contain spaces. Attributes It provides additional information about the elements. Element Versus Attributes Reason for not using attributes: Entities Entities are used to substitute one string for another in an XML document. Types of Entities: Predefined Entities Parameter Entities CDATA When an XML data is parsed, all the XML is processed except the data inside the CDATA section. Unit – II 1. Explain briefly xml Transformation? Xml is supported by several technologies that allow xml to be manipulated and modifies in various ways. These technologies include XSLT, XLink, XPath, and XQuery. + XSLT: XSLT is used to transform an xml document. XSLT uses templates and rules. The transformation language XSLT may be used to Transform xml into a variety of formats(fig2.15).XSLT and css may complement each other. XLink: XLink will enable bidirectional web linking. XPath: XPath is used to navigate xml tree structure. Explain from (fig2.16).XPath is used to specify nodes using their location in an xml tree. XQuery: XQuery brings database query processing to xml, Flattening, changing structure by nesting. Changing structure by explicit grouping, sorting. Tag variables. 2. Explain briefly XML Schema: A xml schema is used to define the structure of xml document. The schema defines the list of element, the order in which that must appear in xml document and attributes that can be used in xml document. Datatype used in a XML Schema: XSD provides a list of predefined data type. These data types can be classifies as follows. • Primitive: String, Decimal, Float, Boolean, Time Duration, Required Duration. • Derived: Integer, long, non-negative integer, positive integer, int, Time, Date. • Atomic: Atomic data type are those datatype that cannot be broaden down into smaller unit • List : List Datatype or derived data type that contain a set of value of an atomic datatype. • Union: Union datatype are derived from atomic and list datatype. • XML Processing: When xml arrives as the server both validation and processing can be performed by xml parses. xml parsing and processing there are two alternatives. Document object Model(DOM): Simple API for xml(SAX): 3.Explain about Presentation Technique? Xml presentation technologies provides a modular way to deliver and display content to a variety of devices. It examine some technologies for display including css,xsl, xforms, xhtml, voicexml. CSS: CSS is used to control document display. Explain from fig(2.10).CSS is aW3C Recommendation XSL: XSL began as an effort to provide a better css. XSL is based on applying rules or template to an xml document. CSS compared to XSL(Table2.1). XForms: Forms are widely used in all aspects of ecommerce. XForms delivers xml. XForms implementation.XForms provides a standard way to collect from data through a variety of device interface (fig2.12) XHTML: XHTML brings HTML into conformance with xml. XHTML modules build a base for the future. XHTML allows specialized markup languages to be developed. The Structure of XHTML(fig 2.13); Voice xml: Void xml uses xml text to drive voice dialogs. Voicexml documents are used to drive voice interactions over conventional or wireless phones(fig2.14).voice xml supports both forms and menus. 4.Short notes on XML Namespaces? Namespaces eliminates the ambiguity of the same name from different providers. Namespaces use URLs to distinguish names. The XML namespaces recommendation allows identical element names from different sources to be distinguished. Namespace Declarations: The simplest approach is to declare a namespace is a top-level element and let all the element and attributes under the top-level element come under the scope of the namespace. <school:subject>maths</school:subject> <cs:subject>xml and ws</cs:subject> Namespace Abbrevations:Namespace abbreviations may be used to simplify writing and reading the xml. 5. Explain briefly DTD? DTD can be used by both sender and receiver of xml. DTDs are written using a different syntax from XML.DTDs define the elements and attributes. DTSx are not able to distinctions about datatype. XML and DTDs: A DTD can be declared either within xml document or external document. Internal DTD that begins with “<!DOCTYPE and ends with “]>”. External DTD : <!DOCTYPE root-element SYSTEM”filename”> Defining Attributes in DTDs: DTD may also be used to specify attributes using the following form. <!ATTLIST element-name attribute-name attribute-type default-value> some of the attribute-type in a xml DTD(Table A-1) Default Attribute value: The syntax for default attribute values is as follows: <!ATTLIST element-name attribute-name attribute-type “default-value”> some of the default attribute values in DTD(TableA-2) Implied Attribute: The syntax for implies attribute value is as follows: <!ATTLIST element-name attribute-name attribute-type #IMPLIED> UNIT – III 1. Briefly Explain About HTTP & XML-RPC HTTP HTTP is an important building block for using XML as a Web-based messaging protocol. In 1992 that the face of the Internet was changed through the use of a simple request-response protocol known as HTTP. Figure 4.3 shows that HTTP works much like FTP except that the contents of a file are delivered to a browser instead of a file system. The first HTTP specification written by Tim Berners-Lee is a study in simple elegance. Clients request files from servers using a simple text string of the form: GET Command ‘GET Filename’ this command interpreted as a request to a server listening on port 80. The response of the server is either the contents of the requested file or a string indicating an error. HTTP gains its power from its simplicity and its explicit avoidance of transport lock-in. HTTP sits on top of TCP/IP, which is responsible for reliably moving data between Internet nodes. Post Command: The POST command is a request for a server to do something with data delivered as part of the POST message. POST was included in the GTTP specification in order to deliver HTML from data to a server for processing by some server program. Difference between GET & POST XML-RPC XML-RPC, which does remote procedure calls over the Internet, is a great example of out-of-the-box thinking. In confronting the communication problem of how a program on machine A can get some code on machine B to run, XML-RPC ignores the difficulty entirely and delegates the transport to HTTP, focusing instead on the details of what to say, not how to get the message there. Data Typing XML-RPC uses XML Schema data types to specify the parameter types of the procedure call. Data types include scalars, numbers, strings, and dates, as well as complex record and list structure. The XML-RPC specification places a number of minimal requirements on the XML, including the following: • The XML payload must be well-formed XML and contain a single method Call structure. • The method Call element must contain a method Name sub-item consisting of a string that names the method to be called. • If parameters are required, the method Call element must contain a params sub-items that contains individual param elements, each of which contains a single value. XML-RPC Responses The job of the server is to process the XML-RPC request for the execution of some piece of code and return a value to the client. XML-RPC specifies that the response to a procedure call must be a single XML structure, a method Response, which can contain either the return value packaged in a single params element or a fault element which contains information about why the fault occurred. 2. Explain about SOAP message, design patterns, faults, and SOAP with attachments. SOAP Message Structure SOAP consists of 3 parts Explain SOAP envelop Explain SOAP header Explain SOAP body SOAP Design Patterns Software architecture pattern provide a high level conceptual view of a software system. There are 2 types of architecture patterns. *Layer Pattern *Pipe and Filter SOAP FAULTS Faults occur when application couldn’t understand soap message. Soap faults are • Fault code • Fault string • Detail SOAP with attachments SOAP provides a protocol to deliver XML across the Internet. But not only XML needs to be transported but also other related documents such as DTDs, schema, Unified Modeling Language diagrams, faxes, public and private keys and digests that may be related to XML. SOAP and Firewalls Soap’s global reach is made possible by its alliance with HTTP, the Internet protocol that is the basis for moving data back and forth from Web servers to browers.HTTP works by accessing Web servers on port 80, which is kept open for Web traffic 3. Explain briefly SOAP Intermediates, Actors, Design and Patterns, Faults. SOAP Intermediaries: SOAP Intermediaries are an essential aspect of building scalable web based distributed system A SOAP compliant server must be able to act as a SOAP intermediary capable of processing and forwarding SOAP Message SOAP intermediaries are specified by their URIS Syntax: <SOAP_ENV: Header SOAP_ENV:actor-http://yourserver.com ….> SOAP & ACTORS: If SOAP actor attribute is not present in a header, then recipient of message is the final destination, while receiving SOAP Message. Identify parts of message intended for application Process it If parts of message could not be identified, it’s ignored. SOAP DESIGN PATTERNS Patterns provide a structure within which components can be designed and integrated. SOAP DESIGN PATTERNS ARE • It reflects pipe and fifterpattern just like UNIX system • Firewalls by using port 80 Soap support intermediaries along data path • Sax -simple API for xml parsing supports intermediaries along an xml parsing path. • • Filters used to perform complex tasks. Layers like osi layer concept are also adopted here. SOAP FAULTS Faults occur when application couldn’t understand soap message. Soap faults are • Fault code • Fault string • Detail 4. Explain briefly SOAP with attachments. A. SOAP provides a protocol to deliver XML across the Internet. But not only XML needs to be transported but also other related documents such as DTDs, schema, Unified Modeling Language diagrams, faxes, public and private keys and digests that may be related to XML. Attachments The SOAP with attachments document defines a binding for a SOAP message to be carried within a Multi-Purpose Internet Mail Extensions (MIME) multipart/related message in such a way that processing rules for SOAP messages are preserved. The MIMIE multipart mechanism for encapsulation of compound documents can be used to bundle entities related to the SOAP message, such as attachments. SOAP and Firewalls Soap’s global reach is made possible by its alliance with HTTP, the Internet protocol that is the basis for moving data back and forth from Web servers to browers.HTTP works by accessing Web servers on port 80, which is kept open for Web traffic. The W3C and SOAP The XML Protocol Working Group is W3C group formed in response to the submission of the SOAP1.1 specifications as the basis for a universal XML-based protocol. The goal of the XML Protocol Working Group is the creation of simple protocols that can be deployed across the Web and easily programmed through scripting languages, XML and Web tools. Taking SOAP to the Next Level Going beyond the simple use of SOAP to exchange data, several options are emerging that use SOAP as their base protocol.. Other options include Electronic Business XML and Web services. 5. Explain briefly about SOAP? Definition: SOAP is an XML-based protocol for exchanging information in a decentralized distributed environment. It was a combination of XML and HTTP made for data transform through web environment. The Road to SOAP *Explain about EDI *Explain about HTTP Data Type: XML-RPC uses XML schema data type to specify the parameter type of the procedure call. Data type includes scalars, number, string, and dates as well as complex record and list structures. SOAP Protocol: The transport protocol used by CORBA, DCOM, RMI or IIOP, ORPC, JRMI IS respectably. SOAP Overview (1)Encoding rules that control XML tags. (2)Rules for exchange application defined data type. (3)Conventions for representing remote procedure calls and responses. SOAP Message Structure SOAP consists of 3 parts Explain SOAP envelop Explain SOAP header Explain SOAP body SOAP Design Patterns Software architecture pattern provide a high level conceptual view of a software system. There are 2 types of architecture patterns. *Layer Pattern *Pipe and Filter Unit – IV 1. Explain about Web Services Technologies? Web Services Technologies Web services depends on several enabling technologies SOAP, UDDI,and WSDL. The Web Service Architechture •A service provider •A service requester •A repository or broker Key Technologies: •UDDI •WSDL •SOAP UDDI UDDI is a protocol for describing Web services components that allows business to register with an Internet directory so they can advertise their services and complaies can find each other and carry out transactions over the web. UDDI framework specifications •The UDDI Programmer's API Specification •The UDDI Data Structure Specification UDDI Failure And Recovery WSDL WSDL is the proposed standard for describing a Web service. It is the piece of the webservice framework that describes how to connect to web services. the WSDL specifications supports the building of web based computing services that target computer programs rather than human users. Risks of WEb Services: •Maturity •Security •Transactions •Configuration Management Web services pros & cons SOAP SOAP is a protocol for communicationg with a UDDI service. SOAP simplifies UDDI access by allowing applications to invoke object methods or functions residing on remote servers. The advantage of SOAP is that it can use universal HTTP to make a request and to receve a response. SOAP requests and responses use XML not only to target the remote method but to [ackage any data that required by the method. 2. Explain about ebXML? ebXML Electronic Business XML represents a global initiative to define processes around which business can interact over the Web. It is the technology aimed at bringing the benefits of B2B data exchange to global audience of small,medium, and large businesses. The broad effort of ebXML includes multiple specifications that define standard ways of exchanging business messages,conducting trading relationships,communicationg data in common terms, and defining and registering business processes. The key players behind ebXML •UNICEFACT •OASIS Supporters of ebXML •RosettaNet •EDI •Global Commerce Initiative •Open Applicaton Group Inc •Other industry groups ebXML Technologies ElectronicBusiness XML is based on a set of building blocks that makes use of existing standards wherever possible. The technical architecture consists of several pieces: •Messaging •Business process •Trading partner profiles and agreements •Registries and Repositories •Core Components ebXML Terminology •Registry •Business Processes •Collabration Protocol profile(CPP) •Business Service Interface •Business Messages •Core Library •Collaboration Protocol Agreement(CPA) •SOAP 3.Explain about Soap,WebServices and E-Commerce? Soap provide loosely coupled message based architecture for performing interaction. However to use the loosely coupled web space for commercial server based interaction. It is very necessary to add transactional capability. To add transactional capability middleware are depended which has it roots in tightly coupled object system. TRANSACTION A transaction is a set of software operations. A transaction should satisfy the following properties called ACID properties. 1.AtomicityEither all of the operations should be performer or none of them may be performed. 2.ConsistencyRefer to data consistency. 3.Isolation Only one transaction can manipulate data at a particular time. 4.Durability It means that update made by a committed transaction persist in the database regardless of failure that occur alter the commit transaction. SECURITY The secured socket layer and transport layer security protocol and doing well for web based E-Commerce. Soap and Web service protocol Doesn’t address security issue. Soap specialized security implementation for transaction Xml on .NET and J2EE. IDENTITY Web based network need a way to authenticate and validity user. To do this system validate user based on permission stored in database. PASSPORT Passport Microsoft authentication service that allow user that as the website and services. The passport can be integrated in Microsoft hotmail E-mail service and entry for Microsoft .NET services. The Liberty Alliance Project: It is a alternative to passport. It is used to create universal digital identity service based on open service. 4. Explain about .NET? • .NET is a Microsoft framework. • Microsoft’s .NET is an umbrella term that describes Microsoft’s strategy for delivering software as services across the web. • .NET is an initiative represents a development framework that integrates earlier Microsoft technologies with newer technologies built around XML. • .NET allows developers to build a service-oriented consciousness into software up front rather than as an afterthought. • The .NET architecture includes several technology components: 1. 2. 3. 4. • 1. 2. 3. 4. 5. Development tools. Specialized servers. Web services. Devices. The .Net platform consists of five main components: Operating system layer. .NET building block services. .NET framework. .NET servers Visual Studio .NET. • A Common Language Runtime supports different languages for .NET development. • The .NET framework is architected around a unified hub and spoke programming model designed to make different languages interchangeable. • The .NET approach to software integration is based on a hub and spoke configuration where a variety of languages are translated into a CLR. • COBOL can be used to develop .NET applications Unit: V 1.Explain briefly about the security? Three Security requirements *Confidentiality=>Ensuring that informations not made available to unauthorized individuals. *Authentication=>Ability to determine that the message really comes from the listed sender. *Data integrity=>Ensuring that when information arrives at its destination. Enoding and decoding methods *Single-key cryptography =>Both the sender and receiver should know the secret key. =>Each key is replaced eg: a with b, b with c. so on Disadvantage: =>decoding key must be communicated from sender to revceiver. =>It does not scale to the web. *Public key cryptography =>Based on complementory public and private keys. =>No need to exchange a secret key. =>use mathematical formula to generate key. Confidentiality=>Encryption with public key ensures it. Authentication=> Encryption with private key ensures it. Data Integrity=>Ensures that the message received is the messane sent Digital integrity: =>It is like writing your name across the face of a document. =>It guarantees document authenticity. Managing certificates and private keys; =>Represent trusted entites in websecurity. =>limited lifespans for allow changes in circumstance. 2.Explain briefly about i) XML Security Framework ii)XKMS XML SECURITY FRAME WORK W3c is driving three xml security technologies: -XML Digital Signature -XML Encryption -XML Key Management Services XKMS - XKMS is a w3c initiative - targets delegation of trusts processing decisions to one or more specialized trust processors - it is one of the three w3c specification that define the xml security architecture XMS STRUCTURE - specifies protocol for distributing and registering public keys - suitable for use in conjunction withproposed standard - XKMS has two parts - 1.the xml key information service specification(X-KISS) - 2.xml key registration service specificayion(X-KRSS) X-KISS - defines a protocol for a trust service - basic objective is to minimize the complexity of applicatrion implementation - the xml signature specification does not mandate use of a particular trust policy X-KRSS -defines aprotocol for a web service that accepts registration of public key -a client service may request that reregistration service bind information to public key -the protocol provides for the authentication 3.Explain briefly about i) XML Digital Signature ii) Guidelines for signing XML documents XML Digital Signature The XML digital signature specification defines boyh the syntax and rules for processing XML digital signature.signatures provide integrity,message authentication and signer authentication services for data. Digital signature Elements The elements are • SignedInfo-information that is actually signed • CanonicalizationMethod-indicates algorithm used to canonicalize the signed element • SignatureMethod-specifies algorithm used to convert the canonicalized signedInfo into signature value • Reference-includes the method to compute the digital hash and the resulting digest value • KeyInfo-indicates the key used to validate signature. • Transforms-list of processing steps applied to resources content before digest is computed • Digestmethod-specifies algorithm applied to data after Transforms is applied. • DigestValue-holds value computed on the data being signed Steps in signature generation 1. create a SignedInfo element with signatureMethod,CanonicalizationMethod,and References 2. canonicalize the XML document 3. calculate the SignatureValue based on algorithms specified in SignedInfo. 4. construct the signature elements that includes signedInfo,KeyInfo and SignatureValue. Guidelines for Signing XML Documents XML relies on substitution and transformation Content of external stylesheet should be signed if its referred The information that was presented must be signed Transformations may alter content ,so the transformed data should be signed The security of overall system depends on the security and integraty of procedures and personel as well as well as procedural enforcement 4.Explain briefly about i) canonicalization ii)XML Encryption CANONICALIZATION: XML canonicalization is the use of an algorithm to generate the canonical form Of an XML document. XML is subject to surface representation changes or to processing that discards some information. The steps during the creation of a core canonical form include • Encoding the document in the Universal Character Set UTF_8 • Normalizing line breaks before parsing • Replacing character and parsed entity References • Converting Empty Element to start-end tag pairs Steps in canonical form: encoding the document in the universal character set UTF-8 normalizing line breaks before parsing normalizing attribute values replacing characters and parsed entity references replacing CDATA sectionswith their character content removing type declaration and document type declaration converting empty elements to start end tags normalizing white spaces setting attribute value delimiters replacing special characters in attribute values and character content removing superfluous namespace declarations from each element adding default attributes to each element XML ENCRYPTION -support encryption on all part of the xml document -allow encryption any of the following * the entire xml document * an element and all its subelement * content of an xml element * referance to a resource outside the document Additional information is provided since XML Encryption is not locked -Encrypted content-information itself or referance to the location of the data -Keyinformation-information or referance to information Steps in xml encryption 1.select the xml to be encrypted 2.Convert to canonical form if using entities or namepaces 3.encrypting the resulting canonical form using public key encryption 4.sending the encrypted xml to the intended recipient Encrypting xml data -1.xml subelement and content Encryption -2.partial xml element encryption -3.encrypting Xml element content only 5. Explain the applications of XML as occuring in three waves? Wave One: Vertical Industry Data Descriptions • Finance: OFX -OFX uses XML to bridge the gap between brokerage databases and personal software -The focus of HR-XML vocabulary has been on data exchange, not on data storage. • Human Resources and HR-XML - HR-XML defines a common vocabulary for storing human resources data. - XML-HR specifically targets XML for data storage, not B2B transactional data. - uses elements for data and attributes for meta data • Mortgage Banking: MISMO - MISMO’s XML definitions focus on data transfer. • Tracking XML Standards - OASIS is an organization that tracks and promotes XML standards. - OASIS’s technical work falls into one of the following categories: 1. Vertical industry applications 2. Horizontal and e-business framework 3. Interoperability 4. Conformance Testing Wave Two: Configuration and Action • EJB and XML - EJB uses XML for software configuration. - The XML-based deployment descriptor contains two kinds of information: 1. EJB structural information 2. Application assembly information • SVG - SVG defines an XML grammar for creating vector-based 2D graphics for the web and other applications. - Advantages over GIF and JPEG: 1. Readability 2. Scalability 3. Ability to zoom 4. Searchable and selectable text 5. Scripting and animation - Software packages that can be used to display SVG image: 1. Adobe SVG Viewer 2. Apche Batik SVG browser 3. CSIRO Pocket SVG viewer • Voice XML - The Voice XML standard provides a platform for voice applications - Voice XML documents describe conversations - Voice XML supports forms and menus. * Forms provide voice control for completing the equivalent web form * Menus present users with a choice of options and have the ability to transfer control to other menu dialogs based on user response • SMIL -SMIL uses XML to build multimedia presentations Advantages: -Faster and easier development -Web standard support in IE 5.5 RealPlayer,Windows Media Player and Adobe’s SVG plug-in - No requirement that users enable Java Script in their browsers SMIL elements: -SMIL includes elements that describe not only how to draw graphics but also how to coordinate them over time SMIL Modularization: -SMIL modules address the problem of integration Wave Three: Power through combination • The British Government GovTalk Initiative -GovTalk use XML as the basis for exchanging information among government systems. -Three important policy decisions: Internet Alignment XML Web browser as GUI